Tuesday, June 12, 2012

I know these last couple posts don't have a lot to do with sipXecs but I thought I'd share a few of the Amazon AWS tips I've been accumulating.

Sometimes you just need more than the 8 GB EBS volume that Amazon provides with Amazon Linux. Sure, you can just create another volume and attach it somewhere, but sometimes it's just easier to have one big drive. The following instructions create a 64-bit Amazon Linux AMI with a boot drive up to 1 TB in size. Servers can then be rapidly deployed from your new custom AMI.

Create Base System

Starting from

AMI:amzn-ami-pv-2012.03.1.x86_64-ebs (ami-e565ba8c)

Launch a new instance. If you'd like, log in and update the system:

SSH to new Instance with key, login as ec2-user

sudo sh

yum update

shutdown -h now

Build AMI

In the EC2 console, create a snapshot of the root EBS volume.

Create an EBS volume from that snapshot with the new desired size. (Please ensure it is in the same Availability Zone as the instance.)

Detach the root 8 GB EBS volume and attach the newly created EBS volume to /dev/sda1 on the instance.

Start the instance and then log in.

Resize the filesystem so it uses the rest of the expanded disk:

sudo resize2fs /dev/sda1

From the EC2 console, click on the Instance and Create AMI from the running Instance. There you have it!

Saturday, June 9, 2012

Notes

Creating an AWS instance in normal AWS space and stopping and starting a server will have profound repercussions if:

The AMI used is Instance Store - Drive image reset (all data lost)

The Instance is not in VPC - Internal IP assigned to server will change

VPC = Virtual Private Cloud

Setup VPC

Log in to the AWS Console.

Click on the VPC tab.

Click on VPC Dashboard.

Create a VPC with Single Public Subnet Only (default option).

The VPC defaults to the 10.0.0.0/16 network space with the server within 10.0.0.0/24.

Note which availability zone the VPC subnet was created in (in the VPC tab, see Subnets on the left side menu).

To add a server to the VPC, click on Launch EC2 Instances, which will take you back to the EC2 tab. When you create your host in the steps that follow, make sure that it is in the proper availability zone.

Setup VPC Firewall

Allow the following ports to the host (create a security group if you don't have one already).

Add a forwarders section in 'options' to forward to the AWS DNS servers (typically .2 in your VPC IP range; in my example below it is 172.30.1.2 and my server is 172.30.1.10). Just put this as the last line in the options { ... } section:

forwarders { 172.30.1.2; };

Add the zone file settings:

zone "yourmaildomain" {

type master;

file "yourmaildomain.zone";

allow-update { none; };

};

Create zone data file:

nano -w /var/named/yourmaildomain.zone

Your zone file should look as follows (change yourmaildomain to your email domain, my mail server host name is mail, so fqdn = mail.yourdomain) (also, change the IP to be the IP of your server in the AWS VPC):

$TTL 1800

@ IN SOA ns1.yourdomain. root.yourmaildomain. (

2012041902 ; serial#

1800 ; refresh, seconds

1800 ; retry, seconds

1800 ; expire, seconds

1800 ) ; minimum TTL, seconds

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; DNS Servers for 'zimbra.yourmaildomain'

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

yourmaildomain. IN NS mail.yourmaildomain.

yourmaildomain. MX 10 mail.yourmaildomain.

mail.yourmaildomain. IN A 172.30.1.10

Make sure DNS starts on server boot:

chkconfig named on

Reboot server and make sure DNS is started:

reboot

ssh back in...

service named status
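
As an added example (not part of the original post), here is a small shell check for the zone data above: it confirms that every NS and MX target has an A record in the zone and that the address is a private VPC address. The names example.test, zone_targets, is_private and zone_ok are made up for this sketch, and the sample zones are constructed.

```sh
#!/bin/sh
# Constructed sample: the post's zone with example.test as the mail domain.
GOOD_ZONE='$TTL 1800
@ IN SOA ns1.example.test. root.example.test. (
    2012041902 ; serial#
    1800 ; refresh, seconds
    1800 ; retry, seconds
    1800 ; expire, seconds
    1800 ) ; minimum TTL, seconds
example.test. IN NS mail.example.test.
example.test. MX 10 mail.example.test.
mail.example.test. IN A 172.30.1.10'

# Constructed failure case: the same zone with the A record left out.
BAD_ZONE=$(printf '%s\n' "$GOOD_ZONE" | grep -v ' IN A ')

# Read zone text on stdin; print "TYPE target address" for each NS/MX target,
# with MISSING as the address when the zone has no A record for it.
# Covers only the forms used in the post: fully qualified names, one record
# per line, optional IN class, no per-record TTL.
zone_targets() {
    awk '
        { sub(/;.*/, ""); n = 0
          for (i = 1; i <= NF; i++) if ($i != "IN") f[++n] = tolower($i)
          if (n == 3 && f[2] == "a")  addr[f[1]] = f[3]
          if (n == 3 && f[2] == "ns") want["NS " f[3]] = f[3]
          if (n == 4 && f[2] == "mx") want["MX " f[4]] = f[4] }
        END { for (k in want) {
                  a = (want[k] in addr) ? addr[want[k]] : "MISSING"
                  print k, a } }
    ' | LC_ALL=C sort
}

# True for RFC 1918 addresses, which is what the VPC-internal zone should hold.
is_private() {
    case "$1" in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds only if every NS/MX target has an in-zone A record on a private address.
zone_ok() {
    zone_targets | while read -r _type _target address; do
        is_private "$address" || exit 1
    done
}
```

Run it against the zone file created above with zone_ok < file before restarting named. BIND's own named-checkzone covers syntax errors, which this sketch does not.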

Configure Server Name

Edit the hosts file:

nano -w /etc/hosts

Add a line that looks like:

ip.addr.ofserver.invpc fqdn.of.server hostnameofserver

The FQDN should match what you specified in the external DNS, and the hostname is the part of the FQDN before the domain (I used 'mail' in the example above).

Edit the network file:

nano -w /etc/sysconfig/network

Modify HOSTNAME=fqdn.of.server

Modify Amazon VPC DHCP

Modify the Amazon VPC setup’s DHCP Server so that the local DNS server is handed out first.

VPC Management -> DHCP Options Sets

Create DHCP Options Set

Set domain-name = your mail domain

Set Domain-name-servers = ip.addr.of.host,amazondnsserver

(in my case the above two values were - 172.30.1.10, 172.30.1.2)

Your VPCs -> Check mark next to the VPC to modify, Change DHCP Options Set to new options set.

Setup Zimbra Host

Starting from

AMI:amzn-ami-pv-2012.03.1.x86_64-ebs (ami-e565ba8c)

(I use the East Region so this is mine... ymmv)

Launch a new instance.

Create a 20 GB EBS Volume (make sure it is created in the same AWS availability zone as the VPC subnet) and then Attach it to new instance (/dev/sdf)

Assign an elastic IP to the new server.

SSH to new Instance

login with ec2-user and certificate

ssh -i key.pem ec2-user@elasticip

Sudo to sh

sudo sh

Mount new drive, format, copy /var folder to it, then mount it back to /var

mke2fs -F -j /dev/sdf

mkdir /mnt/ec2

mount /dev/sdf /mnt/ec2

cp -a /var/* /mnt/ec2

mount /dev/sdf /var

umount /mnt/ec2

Make system mount this volume every time

nano -w /etc/fstab

Add the following line to the bottom of the file:

/dev/sdf /var ext3 defaults 0 0

Continue with Installation & update Amazon Linux:

yum update

Reboot server to pickup updates.

reboot

SSH back into system

ssh -i key.pem ec2-user@elasticip

Login as root...

sudo sh

Install Zimbra

It’s important to make sure DNS is working right before this point...

dig yourmaildomain

dig yourmaildomain MX

Make sure this is being resolved locally... LDAP stuff will mess up during install if you don’t do this.

About Me

Worked for many years as a Senior Level Network Engineer with specialization in network infrastructure and SIP based IP Communications Systems.
I get to work with Amazon Web Services quite a bit (hence some of the posts here).
Also, I'm an Autocrosser... just need to find a way to be able to do it full time :-)